发表新帖
发表新帖

Firestore Security Rules breaking with update rule

前端 未结
关注
1 1875
一整个雨季
一整个雨季 2021-01-23 10:46

I posted a question about this yesterday but I\'m creating a new one with more details. Firestore .setData is blocked by update rule not create

I\'ve run the simulator a

1条回答
  • 清酒与你
    清酒与你 (楼主)
    2021-01-23 11:25

    Firebase Support confirms that there is a bug related to the evaluation of request.writeFields.size(). No estimate was given of when it will be fixed.

    The existence of the bug can be demonstrated with the following rules:

    service cloud.firestore {
  match /databases/{database}/documents {

    match /cities/{city} {
      // This should always evaluate to true, but does not.
      allow create: if (request.writeFields.size() == 1) || (request.writeFields.size() != 1);
      allow update: if true;
    }
  }
}

    Although the create rule should always evaluate to true, an attempt to create a city fails with Permission Denied. It seems that the problem with request.writeFields affects not only the rule in which it appears, but also other rules for the path. For the rules shown above, an attempt to update an existing city also fails with Permission Denied.

    0 讨论(0)
 看不清?
提交回复
热议问题